Imagine if you will, a young man standing on this street – Ticonderoga Drive, in Southaven, just outside of Memphis,  in the USA, on a sweltering deep south summer’s day in 1993.

He’s trying to sell books – homework manuals, to be precise, door to door.

He carefully chooses a house. He knocks on the door – and takes a couple of steps back, pretending to wave at someone down the street.

The door opens, and the young man begins his sales patter – his approach, in the lingo.

It’s lunchtime on a Saturday, and he’s invited inside to demonstrate the school books to the whole family (and probably, to explain what a 20 year old Limey is doing going door to door on the Tennessee/Mississippi border during the summer vacation)

The pitch goes well, and towards the end, with a smile, the young man asks “would you like to pay with cash or a card” and with a practised flourish, pulls from his bag …

A knucklebuster. A zip zap machine

You might have guessed that the young man is me, and this all came flooding back while I was musing recently on the the key characteristics of a terminal.
Certainly, with this zipzap I could just as easily have handwritten a credit card slip – but it wouldn’t have had the same impact. User experience is _so_ important in payments.
But terminals are under attack from all sides and that’s got me thinking about what a payment terminal is for.

It’s clearly about the user experience – and security theatre. A reassuring presence that means the consumer can have confidence that they know what to do, how it works, and what to expect.

It certainly used to be all about comms – getting messages from the seller/merchant/acceptor back to the acquiring host

And of course, terminals and cards are filled with sophisticated security technology. Cryptographic keys. Anti-tamper switches. Clever things which make the chips go FWOOF and black smoke come out if naughty people try to mess about with the equipment.

So for me, these are the three key characteristics.

But how do they stack up today?

Well let’s start with comms. Getting electronic messages out of the shop and back to the host used to be very hard. We had special modems and ISDN lines. We had offline PIN and floor limits and all manner of protocols concerning what to do if the communications broke down

But today, secure electronic comms are near ubiquitous. And terminals almost always have to be online. Floor limits have broadly gone away, and PIN verification is increasingly forced online (whether this is a good thing is more arguable – the robustness of offline cards has intrinsic value).  Comms is a solved problem

So let’s look at the user experience. Terminals should mean an easy, reliable, comfortable, and completely familiar experience. But increasingly, we challenge cardholders to pay in a variety of ways.

Imagine someone tapping in on the London Underground with their debit card. But there’s no terminal here. And no contactless logo (on the gate).

(I am hoping that this is a test card – I took this from TFL’s site). But could it be that one of cards greatest success stories is loosening the grip of terminals on the physical card payments world by breaking the link between card and terminal?

The thing is, terminals keep changing shape. One recent model has the tap point above the screen – another to the side. The user experience is variable from shop to shop and country to country.

And that’s before we get started on new paradigms like QR – where the terminal might be presenting the QR, but might not (it could be the consumer device, or a piece of paper blu-tacked to the wall).

Or terminals in VR. Or smart terminals that look like a standard phone or tablet. That for me is where the real danger lies for terminal manufacturers. Can they really compete with phone and tablet manufacturers to build extraordinarily polished experiences? Especially as the form factor of terminal  has become so much more diverse. I was involved with launch of one such initiative while I was at Worldpay, and the market is now moving very fast. I expect to see more and more “phone as a terminal” initiatives in the next 12 months.

Which leaves us security – and there’s no doubt in my mind that this is harder to beat. Dedicated machinery for card acceptance is likely always going to be harder to defeat that generic devices. And hardware security is better than software – though the gap is closing. Advances in mobile technology mean that the security available on phones and tablets in improving all the time, and new standards like Software-based Pin-Entry on COTS (SPOC) are also helping to raise the bar.

When you build in additional factors like reliability, lifecycle management and cost,  I think in multi-lane retailers, and big multiple outlet organisations, dedicated terminals have a strong future. But in smaller organisations or where use is sporadic or low volume – well, that looks like a harder task to pull off.


** Edited to correct SPOC to Software-based Pin Entry on COTS. Which reminds me of the following image, which is what you get if you combine SPoC with Phone-as-a-terminal (PhAAT)…

Image source:

…Phaat Spoc

Get in contact with Stormglass Consulting

Please reach out to us for more information